An Introduction to DNS and DNS Tools

The explosive growth of the Internet was made possible, in part, by DNS.

The domain name system (DNS) hums along
behind the scenes and, as with running water, we largely take it
for granted. That this system just works is a testament to the
hackers who designed and developed DNS and the open-source package
called Bind, thereby introducing a scalable Internet to the world.
Before DNS and Bind, /etc/hosts was the only way to translate IP
addresses to human-friendly hostnames and vice versa.

This article will introduce the concepts of DNS and three
commands with which you can examine DNS information: host, dig
and nslookup.

The DNS is a distributed, hierarchical database where
authority flows from the top (or root) of the hierarchy downward.
When Linux Journal registered linuxjournal.com, they got
permission from an entity that had authority at the root or top
level. The Internet Corporation for Assigned Names and Numbers
(ICANN) and a domain name registrar transferred authority for
linuxjournal.com to Linux Journal, which now has the authority to
create subdomains such as embedded.linuxjournal.com without the
involvement of ICANN or a domain name registrar.

When trying to understand the structure of the DNS, think of
an inverted tree—the very structure of the UNIX filesystem. Each
branch of the tree is within a zone of
authority; more than one branch of this tree can be within a single
zone. Linux Journal could choose to retain
authority for embedded.linuxjournal.com, or they could delegate it
down the tree to someone else who could make subdomains such as
zeus.embedded.linuxjournal.com.

The software (usually Bind) that stores domain name
information is called a domain name server. A
single name server can be authoritative for multiple zones. Every
zone has a primary master and a secondary master name server, and
these provide the authoritative responses for that zone.

If you query a name server that is not authoritative for a
particular zone, that name server will most likely still return
the correct information. This is because zone information
propagates throughout the Internet, and name servers cache
information about zones for which they are not authoritative.

When you register a new domain name, transfer your old one to
a new host or just make changes to the zone database file, it often
takes several days for the new information to propagate completely.
During that interim period, nonauthoritative name servers often
temporarily cache stale information about your domain name.

You may wonder how you fit into this process when you use the
Internet. Well, whenever you use the Web, Telnet, FTP, etc., your
software uses the resolver (the client side of the DNS), which is a
set of library routines compiled into programs such as Mozilla.
When you type www.linuxjournal.com, the resolver
sets up the query to the name server that does the work of
translating www.linuxjournal.com to 207.178.22.49 so you can get to
the web site.
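To make the resolver's job concrete, the following added example (not code from the article or from Bind) builds the wire-format query a stub resolver sends for www.linuxjournal.com and parses the reply. Because it has to run offline, a constructed reply stands in for the name server; the transaction ID, flag values and the 207.178.22.49 answer are the only real DNS details, and the helper names are this example's own. The parse step also shows the two checks a careful resolver makes before trusting a reply: the transaction ID and the echoed question must match what was asked.

```python
"""Build a DNS A-record query and parse the reply, the way a stub resolver does.
The reply is constructed inline so the script runs without network access."""
import struct

TYPE_A = 1
CLASS_IN = 1


def encode_name(name):
    """Encode "www.example.com" as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(name, txid=0x1234, qtype=TYPE_A):
    """12-byte header (RD=1, one question) followed by the question section."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)


def decode_name(msg, offset):
    """Read a (possibly compressed) name; return (name, offset after it)."""
    labels = []
    end = None                                # set once a pointer is followed
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:             # compression pointer to an earlier name
            if end is None:
                end = offset + 2
            offset = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), offset if end is None else end


def parse_response(msg):
    """Return header ID, flags, the question list and the answer records."""
    txid, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", msg[:12])
    offset = 12
    questions = []
    for _ in range(qdcount):
        qname, offset = decode_name(msg, offset)
        qtype, _qclass = struct.unpack("!HH", msg[offset:offset + 4])
        offset += 4
        questions.append((qname, qtype))
    answers = []
    for _ in range(ancount):
        name, offset = decode_name(msg, offset)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        offset += rdlen
        # Render A records as dotted quads; leave other RDATA as raw bytes.
        value = ".".join(str(b) for b in rdata) if rtype == TYPE_A and rdlen == 4 else rdata
        answers.append({"name": name, "type": rtype, "ttl": ttl, "data": value})
    return {"id": txid, "flags": flags, "questions": questions, "answers": answers}


def constructed_reply(query, ip):
    """Constructed stand-in for the name server: echo the query ID and question,
    set the QR/RD/RA flags, and append one A record whose owner is a pointer
    back to the question name (offset 12, hence 0xC00C)."""
    txid = struct.unpack("!H", query[:2])[0]
    question = query[12:]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    rdata = bytes(int(part) for part in ip.split("."))
    answer = struct.pack("!HHHIH", 0xC00C, TYPE_A, CLASS_IN, 3600, 4) + rdata
    return header + question + answer


def resolve_offline(name, ip="207.178.22.49"):
    """Issue a query, take the constructed reply, and validate it before use:
    a reply whose ID or question differs from the query is discarded."""
    query = build_query(name)
    reply = constructed_reply(query, ip)
    parsed = parse_response(reply)
    if parsed["id"] != struct.unpack("!H", query[:2])[0]:
        raise ValueError("reply ID does not match query")
    if parsed["questions"] != [(name.rstrip("."), TYPE_A)]:
        raise ValueError("reply question does not match query")
    return [a["data"] for a in parsed["answers"] if a["type"] == TYPE_A]


if __name__ == "__main__":
    print(resolve_offline("www.linuxjournal.com"))   # ['207.178.22.49']
```

Swapping `constructed_reply` for a UDP send to port 53 on a real server turns this into a working stub resolver; the parsing and the ID/question checks stay the same.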

DNS Commands

For comprehensive coverage of DNS and DNS commands, read the
man pages and get one of the excellent DNS books on the market,
such as O'Reilly's DNS and Bind and Sybex's
Linux DNS Server Administration.

Zone file database records divide DNS information into three
primary types: NS (name server) records, MX (mail exchange) records
and A (address) records. NS records name the zone's name servers.
MX records name the hosts that handle e-mail delivery for the
domain; the priority (pri) number sets the order in which mail
servers are tried, with the lowest number receiving the highest
priority. A (address) records map hostnames to IP addresses, which
are the real names of machines as far as the network is concerned.

host

This is the simplest of the DNS commands. It is a quick way
to determine the IP address of a hostname:

Now that you know the IP address for www.linuxjournal.com,
you might want to make sure the reverse lookup works. The reverse
lookup checks to see if the reverse zone file maps the IP address
to the hostname:
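The record types described above and the reverse lookup that host performs can both be worked through on a small zone file. The following added example (not part of the article and not Bind's code) parses constructed forward and reverse zone fragments, returns the MX hosts in priority order, and then does what a reverse check should do: confirm that the PTR for each address names the host back. Only www.linuxjournal.com and 207.178.22.49 come from the article; the other owners, the 192.0.2.x addresses and the function names are constructed for this example.

```python
"""Parse a toy zone file, order MX hosts by priority, and check that forward
and reverse records agree.  Records here are constructed for the example."""
import ipaddress

FORWARD_ZONE = """\
; constructed forward zone fragment for linuxjournal.com (no TTLs, IN class only)
linuxjournal.com.        IN  NS  ns1.linuxjournal.com.
linuxjournal.com.        IN  MX  20 mail2.linuxjournal.com.
linuxjournal.com.        IN  MX  10 mail.linuxjournal.com.
www.linuxjournal.com.    IN  A   207.178.22.49
mail.linuxjournal.com.   IN  A   192.0.2.25
mail2.linuxjournal.com.  IN  A   192.0.2.26
"""

REVERSE_ZONE = """\
; constructed reverse zone fragments; the last PTR deliberately disagrees
49.22.178.207.in-addr.arpa.  IN  PTR  www.linuxjournal.com.
25.2.0.192.in-addr.arpa.     IN  PTR  mail.linuxjournal.com.
26.2.0.192.in-addr.arpa.     IN  PTR  smtp.example.net.
"""


def parse_zone(text):
    """Return (owner, type, rdata-fields) per record line.  Lines are
    'owner IN TYPE rdata...'; ';' comments and blank lines are skipped."""
    records = []
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()
        if not line:
            continue
        owner, rclass, rtype, *rdata = line.split()
        if rclass != "IN":
            raise ValueError("unexpected record: " + line)
        records.append((owner.lower(), rtype.upper(), rdata))
    return records


def lookup(records, owner, rtype):
    """All rdata lists for a given owner name and record type."""
    owner = owner.lower().rstrip(".") + "."
    return [rdata for o, t, rdata in records if o == owner and t == rtype]


def mx_hosts_in_order(records, domain):
    """MX targets sorted by priority: lowest number is tried first."""
    mx = [(int(pri), host) for pri, host in lookup(records, domain, "MX")]
    return [host for _, host in sorted(mx)]


def reverse_name(ip):
    """The in-addr.arpa owner name that a reverse lookup of ip queries."""
    return ipaddress.ip_address(ip).reverse_pointer + "."


def forward_confirmed(fwd, rev, hostname):
    """True only if hostname has A records and every one of its addresses
    has a PTR record that maps back to hostname."""
    addresses = [rdata[0] for rdata in lookup(fwd, hostname, "A")]
    if not addresses:
        return False
    want = hostname.lower().rstrip(".") + "."
    for ip in addresses:
        ptrs = [rdata[0].lower() for rdata in lookup(rev, reverse_name(ip), "PTR")]
        if want not in ptrs:
            return False
    return True


if __name__ == "__main__":
    fwd, rev = parse_zone(FORWARD_ZONE), parse_zone(REVERSE_ZONE)
    print(mx_hosts_in_order(fwd, "linuxjournal.com"))
    for host in ("www.linuxjournal.com", "mail.linuxjournal.com", "mail2.linuxjournal.com"):
        print(host, "forward/reverse agree:", forward_confirmed(fwd, rev, host))
```

The mail2 host is the case to watch for: its A record is fine, but the PTR for its address names a different machine, so the forward and reverse zones disagree and the check fails, which is exactly what a mismatched reverse lookup with host would reveal.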